#!/bin/sh
set -e
set -o pipefail

[ "$DEBUG" == 'true' ] && set -x

DAEMON=sshd
HOSTKEY=/etc/ssh/ssh_host_ed25519_key

# create the host key if not already created
if [ ! -f "${HOSTKEY}" ]; then
	ssh-keygen -A
fi

mkdir -p ${HOME}/.ssh
source /etc/profile
[ "$PUBKEY" ] && echo "$PUBKEY" > ${HOME}/.ssh/authorized_keys

chown -R git:git ${HOME}
chmod -R 755 ${HOME}

# Fix permissions, if writable
if [ -w ${HOME}/.ssh ]; then
    chown git:git ${HOME}/.ssh && chmod 700 ${HOME}/.ssh/
fi
if [ -w ${HOME}/.ssh/authorized_keys ]; then
    chown git:git ${HOME}/.ssh/authorized_keys
    chmod 600 ${HOME}/.ssh/authorized_keys
fi

# Warn if no config
if [ ! -e ${HOME}/.ssh/authorized_keys ]; then
  echo "WARNING: No SSH authorized_keys found for git"
fi

# set the default shell
mkdir -p $HOME/git-shell-commands
cat >$HOME/git-shell-commands/no-interactive-login <<\EOF
#!/bin/sh
printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not"
printf '%s\n' "provide interactive shell access."
exit 128
EOF
chmod +x $HOME/git-shell-commands/no-interactive-login

stop() {
    echo "Received SIGINT or SIGTERM. Shutting down $DAEMON"
    # Get PID
    pid=$(cat /var/run/$DAEMON/$DAEMON.pid)
    # Set TERM
    kill -SIGTERM "${pid}"
    # Wait for exit
    wait "${pid}"
    # All done.
    echo "Done."
}

echo "Running $@"
if [ "$(basename $1)" == "$DAEMON" ]; then
    trap stop SIGINT SIGTERM
    $@ &
    pid="$!"
    mkdir -p /var/run/$DAEMON && echo "${pid}" > /var/run/$DAEMON/$DAEMON.pid
    wait "${pid}" && exit $?
else
    exec "$@"
fi
